HP XP P9000 Command View Advanced Edition Suite Software 7.6.1-00 Administrator Guide
Note:
To specify the attributes, use the following syntax:
auth.ldap.auth.server.name-property-value.attribute=value
#1:
When communicating by using StartTLS as the protocol for connecting to the LDAP directory
server, you need to specify the security settings of Common Component.
#2:
When using StartTLS as the protocol for connecting to the LDAP directory server, in the host
attribute specify the same host name as the value of CN in the LDAP directory server certificate.
You cannot use an IP address.
#3:
The specified attribute must not include characters that cannot be used in a user ID of the P9000
Command View AE Suite product.
Table 36 Setup items in the exauth.properties file for LDAP authentication (when an external
authentication server and StartTLS are used for communication)

Property: auth.ocsp.enable
Details: Specify whether or not to verify the validity of an LDAP directory server's electronic
signature certificate by using an OCSP responder or a CRL when the LDAP directory
server and StartTLS are used for communication.
If you want to verify the validity of certificates, specify true. To not verify the validity
of certificates, specify false.
Default value: false

Property: auth.ocsp.responderURL
Details: Specify the URL of an OCSP responder if you want to use an OCSP responder that is
not the one written in the AIA field of the electronic signature certificate to verify the
validity of the electronic signature certificate. If this value is omitted, the OCSP responder
written in the AIA field is used.
Default value: None
Table 37 Setup items in the exauth.properties file for LDAP authentication (when using the DNS server
to look up information about the external authentication server)

Attribute: protocol
Details: Specify the protocol for connecting to the LDAP directory server. This attribute is
required.
Specifiable values: ldap
Default value: none

Attribute: port
Details: Specify the port number of the LDAP directory server. Make sure beforehand that
the port you specify is set as the listen port number on the LDAP directory server.
Specifiable values: 1 to 65535
Default value: 389

Attribute: timeout
Details: Specify the amount of time to wait before timing out when connecting to the LDAP
directory server. If you specify 0, the system waits until a communication error
occurs without timing out.
Specifiable values: 0 to 120 (seconds)
Default value: 15
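
The following Python check is an added example, not part of this guide or of the product. It reads an exauth.properties file and reports settings that conflict with note #2 and with Tables 36 and 37 above. The key layout auth.ldap.<server name>.<attribute>, the name ServerName, the sample values, and the starttls parameter are assumptions; this page does not show which protocol value selects StartTLS, so the caller states it.

```python
import ipaddress

# Constructed sample: "ServerName" and all values are placeholders.
SAMPLE = """\
auth.ocsp.enable=false
auth.ldap.ServerName.host=192.0.2.10
auth.ldap.ServerName.port=70000
auth.ldap.ServerName.timeout=0
"""

def parse_properties(text):
    props = {}
    for line in text.splitlines():
        line = line.strip()
        # Skip blank lines, comments, and lines without a key=value pair.
        if line and not line.startswith(("#", "!")) and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def is_ip(value):
    try:
        return bool(ipaddress.ip_address(value))
    except ValueError:
        return False

def in_range(value, low, high):
    return value.isdigit() and low <= int(value) <= high

def lint_exauth(text, starttls=True):
    """Return findings; starttls is supplied by the caller (assumption)."""
    props, findings = parse_properties(text), []
    ocsp = props.get("auth.ocsp.enable", "false")  # documented default: false
    if ocsp not in ("true", "false"):
        findings.append("auth.ocsp.enable: must be true or false")
    elif starttls and ocsp == "false":
        findings.append("auth.ocsp.enable: certificate validity is not verified")
    for key, value in props.items():
        if not key.startswith("auth.ldap."):
            continue
        server, _, attr = key[len("auth.ldap."):].rpartition(".")
        if attr == "host" and starttls and is_ip(value):
            findings.append(f"{server}.host: IP address not allowed with StartTLS")
        elif attr == "port" and not in_range(value, 1, 65535):
            findings.append(f"{server}.port: outside 1 to 65535")
        elif attr == "timeout" and not in_range(value, 0, 120):
            findings.append(f"{server}.timeout: outside 0 to 120 seconds")
        elif attr == "timeout" and int(value) == 0:
            findings.append(f"{server}.timeout: 0 waits without timing out")
    return findings
```

Calling lint_exauth(SAMPLE) returns four findings for the constructed sample; a file with OCSP verification enabled, a host name, and in-range port and timeout values returns an empty list.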